AppendClientCertificateRequest (Stringlist function)
Add client certificate request to a Stringlist (Stringlist class)
[Requires Janus Network Security]
This callable method generates an SSL client-certificate request from a given client public key, and it adds the request lines to the end of a Stringlist.
Syntax
[%rc =] sl:AppendClientCertificateRequest( [PublicKey=] string, - [[Country=] string], - [[State=] string], - [[City=] string], - [[Organization=] string], - [[OrganizationalUnit=] string], - [[CommonName=] string], - [[Challenge=] string], - [SignatureAlgorithm= digestAlgorithm])
Syntax terms
| %rc | An, optional, numeric variable that is set to zero if the function is a success. The possible return codes are described elsewhere in Return codes. |
|---|---|
| sl | A Stringlist object to contain the certificate request that is produced. |
| PublicKey | This name allowed parameter is a string or Stringlist object that contains an RSA-generated client public key. |
| Country | This name allowed, optional, string argument inserts a country value into the generated certificate request. |
| State | This name allowed, optional, string argument inserts a state/province value into the generated certificate request. |
| City | This name allowed, optional, string argument inserts a locality value into the generated certificate request. |
| Organization | This name allowed, optional, string argument inserts an organization value (for example, a company name) into the generated certificate request. |
| OrganizationalUnit | This name allowed, optional, string argument inserts an organization unit (OU) value into the generated certificate request. For example, a department within a company. |
| CommonName | This name allowed, optional, string argument inserts a common-name (CN) value into the generated certificate request. For example, a host name like "www.sirius-software.com". |
| Challenge | This name allowed, optional, string argument inserts the expected authentication challenge data/password. You might need to identify the type of authentication, for example, certificate-based authentication. |
| SignatureAlgorithm | This optional, name required, argument is a DigestAlgorithm enumeration value. Valid options are: MD5, SHA1, SHA256. The default value is SHA256 as of Model 204 7.7 (and zap maintenance for versions 7.6 and 7.5).
Note: Although supported and formerly the default, most modern browsers are deprecating SHA1. |
Return codes
| 0 | All is well. |
|---|---|
| 3 | Out of CCATEMP. |
| 5 | Stringlist identifier missing. |
| 6 | Invalid Stringlist identifier. |
| 7 | Insufficient storage. |
| 10 | Public key Stringlist identifier missing. |
| 11 | Invalid public key Stringlist identifier. |
| 12 | Invalid public key. |
| 13 | Challenge data mismatch. |
| 14 | Bad public key/challenge signature. |
Usage notes
For some background information concerning certificates, see Public-key cryptography and Certificate signing request.
Examples
For a closely related example, see the AppendCertificateRequest Examples section.
See also
Stringlist methods:
- AppendCertificateInfo
- AppendCertificateRequest
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendEncryptedSecurityData
- AppendGeneratedPrivateKey
- AppendPemData
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest
- PemToString
String methods:
- CertificateRequest
- SignedCertificate
- DerToXmlDoc
- RSAPrivateKeyToXmlDoc
- X509CertificateToXmlDoc
- X509CrlToXmlDoc
- Multiple cryptographic cipher methods
System methods:
Socket methods: